cancel
Showing results for 
Search instead for 
Did you mean: 

Updating device certificate

f5mkuDefault
Cirrus
Cirrus

Hi experts,

 

I am trying to update my device certificates.

 

what is the difference between these 2?

 

System >> Certificate Management : Device Certificate Management : Device Certificate Signing Request >> server.csr

 

System >> Certificate Management : Traffic Certificate Management : SSL Certificate List >> New SSL Certificate (Then create using Certificate Authority)

 

This is because when I genereated CSR I used the 2nd one, I forgot to create it under the device certificate management.

Will this still work?

 

Thank you in advance.

 

4 REPLIES 4

Hi there

As long as you have a valid certificate and key you can import them as a Decide Certificate. So if the subject names in the CSR also covers the FQDN of the device you want to have the certificate for it will work just fine.

 

  1. Go to Certificate Management -> Device Certificate Management -> Device Certificate
  2. Click Import
  3. Choose Certificate and Key from the drop-down
  4. Paste/upload a valid certificate and key pair
  5. Click import

 

 

Kind regards,

Patrik

f5mkuDefault
Cirrus
Cirrus

Thanks Patrick. it did work however I need to bundle the certificate (cert + chain + root).

If you're running a newer device you can add the chain via the UI:

0691T00000C2hC7QAJ.pngIf running a v12 you can follow this guide:

https://support.f5.com/csp/article/K13302

 

thank you, actually i got confuse with that but I am certain the CSR can be taken from any machine. Can also be taken from a winserver etc.

I just got confused why there are 2 ways to do it in F5. One that is dedicated for device management and another for app services.

 

but anyway I was able to get it working by bundling the cert, chain and root.

 

Installing the cert, chain and root separate in F5 it does not work.